#
# This patch was developed in-house and reported upstream.
#
--- openssl-1.0.1e/crypto/evp/e_aes.c Tue Jul 2 11:03:12 2013
+++ openssl-1.0.1e/crypto/evp/e_aes.c.new Tue Jul 2 11:04:56 2013
@@ -1016,8 +1016,12 @@
static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
+ size_t bl = ctx->cipher->block_size;
EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+ if (len < bl)
+ return 1;
+
if (dat->stream.cbc)
(*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
else if (ctx->encrypt)